Executive Summary
Informations | |||
---|---|---|---|
Name | MDVSA-2013:162 | First vendor Publication | 2013-05-07 |
Vendor | Mandriva | Last vendor Modification | 2013-05-07 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities has been discovered and corrected in glibc: Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments (CVE-2012-0864). Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406). Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified related functions in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow (CVE-2012-3480). Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters (CVE-2013-0242). Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of domain conversion results (CVE-2013-1914). The updated packages have been patched to correct these issues. |
Original Source
Url : http://www.mandriva.com/security/advisories?name=MDVSA-2013:162 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
57 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
29 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
14 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15237 | |||
Oval ID: | oval:org.mitre.oval:def:15237 | ||
Title: | USN-1396-1 -- GNU C Library vulnerabilities | ||
Description: | eglibc: Embedded GNU C Library: sources - glibc: GNU C Library: Documentation Multiple vulnerabilities were discovered and fixed in the GNU C Library. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1396-1 CVE-2009-5029 CVE-2010-0015 CVE-2011-1071 CVE-2011-1659 CVE-2011-1089 CVE-2011-1095 CVE-2011-1658 CVE-2011-2702 CVE-2011-4609 CVE-2012-0864 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | GNU |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18163 | |||
Oval ID: | oval:org.mitre.oval:def:18163 | ||
Title: | USN-1589-1 -- eglibc, glibc vulnerabilities | ||
Description: | Multiple security issues were fixed in the GNU C Library. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1589-1 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 | Version: | 7 |
Platform(s): | Ubuntu 12.04 Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | eglibc glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18234 | |||
Oval ID: | oval:org.mitre.oval:def:18234 | ||
Title: | USN-1589-2 -- glibc regression | ||
Description: | USN-1589-1 exposed a regression in the GNU C Library floating point parse r. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1589-2 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 CVE-2012-3480 | Version: | 7 |
Platform(s): | Ubuntu 8.04 | Product(s): | glibc |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20458 | |||
Oval ID: | oval:org.mitre.oval:def:20458 | ||
Title: | VMware vSphere and vCOps updates to third party libraries | ||
Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2012-0864 | Version: | 4 |
Platform(s): | VMWare ESX Server 4.1 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21190 | |||
Oval ID: | oval:org.mitre.oval:def:21190 | ||
Title: | RHSA-2012:1207: glibc security and bug fix update (Moderate) | ||
Description: | Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1207-00 CESA-2012:1207 CVE-2012-3480 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21252 | |||
Oval ID: | oval:org.mitre.oval:def:21252 | ||
Title: | RHSA-2012:1098: glibc security and bug fix update (Moderate) | ||
Description: | The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1098-01 CESA-2012:1098 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 | Version: | 28 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21353 | |||
Oval ID: | oval:org.mitre.oval:def:21353 | ||
Title: | RHSA-2012:0397: glibc security update (Moderate) | ||
Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0397-01 CESA-2012:0397 CVE-2012-0864 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21459 | |||
Oval ID: | oval:org.mitre.oval:def:21459 | ||
Title: | RHSA-2012:0393: glibc security and bug fix update (Moderate) | ||
Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0393-01 CESA-2012:0393 CVE-2012-0864 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21482 | |||
Oval ID: | oval:org.mitre.oval:def:21482 | ||
Title: | RHSA-2012:1208: glibc security update (Moderate) | ||
Description: | Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1208-01 CESA-2012:1208 CVE-2012-3480 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21515 | |||
Oval ID: | oval:org.mitre.oval:def:21515 | ||
Title: | RHSA-2012:1097: glibc security and bug fix update (Moderate) | ||
Description: | The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1097-00 CESA-2012:1097 CVE-2012-3406 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22667 | |||
Oval ID: | oval:org.mitre.oval:def:22667 | ||
Title: | ELSA-2012:0397: glibc security update (Moderate) | ||
Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0397-01 CVE-2012-0864 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22825 | |||
Oval ID: | oval:org.mitre.oval:def:22825 | ||
Title: | ELSA-2012:1097: glibc security and bug fix update (Moderate) | ||
Description: | The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1097-00 CVE-2012-3406 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22970 | |||
Oval ID: | oval:org.mitre.oval:def:22970 | ||
Title: | ELSA-2012:1207: glibc security and bug fix update (Moderate) | ||
Description: | Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1207-00 CVE-2012-3480 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23014 | |||
Oval ID: | oval:org.mitre.oval:def:23014 | ||
Title: | ELSA-2012:1098: glibc security and bug fix update (Moderate) | ||
Description: | The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1098-01 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 | Version: | 17 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23714 | |||
Oval ID: | oval:org.mitre.oval:def:23714 | ||
Title: | ELSA-2012:1208: glibc security update (Moderate) | ||
Description: | Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1208-01 CVE-2012-3480 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23853 | |||
Oval ID: | oval:org.mitre.oval:def:23853 | ||
Title: | ELSA-2012:0393: glibc security and bug fix update (Moderate) | ||
Description: | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0393-01 CVE-2012-0864 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:25931 | |||
Oval ID: | oval:org.mitre.oval:def:25931 | ||
Title: | SUSE-SU-2013:0858-1 -- Security update for glibc | ||
Description: | This collective update for the GNU C library (glibc) provides the following fixes: * Fix stack overflow in getaddrinfo with many results (bnc#813121, CVE-2013-1914) * Fix locking in _IO_cleanup (bnc#796982) * Fix buffer overflow in glob (bnc#691365) * Fix memory leak in execve (bnc#805899) Security Issue reference: * CVE-2013-1914 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914 > | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2013:0858-1 CVE-2013-1914 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Desktop 10 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27367 | |||
Oval ID: | oval:org.mitre.oval:def:27367 | ||
Title: | DEPRECATED: ELSA-2013-0769 -- glibc security and bug fix update (low) | ||
Description: | [2.5-107.4] - Add missing patch to avoid use after free (#816647). [2.5-107.3] - Fix multibyte character processing crash in regexp (CVE-2013-0242, #951130) - Fix getaddrinfo stack overflow resulting in application crash (CVE-2013-1914, #951130) [2.5-107.2] - Call feraiseexcept only if exceptions are not masked (#861871). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0769 CVE-2013-0242 CVE-2013-1914 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27621 | |||
Oval ID: | oval:org.mitre.oval:def:27621 | ||
Title: | DEPRECATED: ELSA-2012-1208 -- glibc security update (moderate) | ||
Description: | [2.12-1.80.el6_3.5] - Fix integer overflow leading to buffer overflow in strto* and related out of bounds array index (#847931) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1208 CVE-2012-3480 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27625 | |||
Oval ID: | oval:org.mitre.oval:def:27625 | ||
Title: | DEPRECATED: ELSA-2012-0393 -- glibc security and bug fix update (moderate) | ||
Description: | [2.12-1.47.el6_2.9] - Always use another area after a failed allocation in the main arena (#795328) - Remove sse3 memcpy (#695812) changes (#799259) [2.12-1.47.el6_2.8] - Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE (#794815) [2.12-1.47.el6_2.7] - Fix locking on malloc family retry paths (#795328) [2.12-1.47.el6_2.6] - Fix cycle detection in dynamic loader (#783999) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0393 CVE-2012-0864 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27722 | |||
Oval ID: | oval:org.mitre.oval:def:27722 | ||
Title: | DEPRECATED: ELSA-2012-1207 -- glibc security and bug fix update (moderate) | ||
Description: | [2.5-81.el5_8.7] - Fix out of bounds array access in strto* exposed by 847929 patch. [2.5-81.el5_8.6] - Fix integer overflow leading to buffer overflow in strto* (#847929) [2.5-81.el5_8.5] - Do not use PT_IEEE_IP ptrace calls (#839411) - Update ULPs (#839411) - Fix various transcendentals in non-default rounding modes (#839411) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1207 CVE-2012-3480 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27827 | |||
Oval ID: | oval:org.mitre.oval:def:27827 | ||
Title: | DEPRECATED: ELSA-2012-1098 -- glibc security and bug fix update (moderate) | ||
Description: | [2.12-1.80.el6_3.3] - Fix incorrect/corrupt patchfile for 833716. Did not affect generated code, but tests were missing (#833716). [2.12-1.80.el6_3.2] - Fix regression after patch for BZ804630 (#837026). [2.12-1.80.el6_3.1] - Fixes an unbound alloca and related problems. (#833716) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1098 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27835 | |||
Oval ID: | oval:org.mitre.oval:def:27835 | ||
Title: | DEPRECATED: ELSA-2012-0397 -- glibc security update (moderate) | ||
Description: | [2.5-81.el5_8.1] - Add dist tag [when building file lists (#784646).] - Avoid nargs integer overflow which could be used to bypass FORTIFY_SOURCE (#794813) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0397 CVE-2012-0864 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27845 | |||
Oval ID: | oval:org.mitre.oval:def:27845 | ||
Title: | DEPRECATED: ELSA-2012-1097 -- glibc security and bug fix update (moderate) | ||
Description: | [2.5-81.el5_8.4] - Fix iconv() segfault if the invalid multibyte character 0xffff is input when converting from IBM930 (#837896) [2.5-81.el5_8.3] - Fix unbound alloca in vfprintf (#833720) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1097 CVE-2012-3406 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | glibc |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2013-05-01 | sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass |
OpenVAS Exploits
Date | Description |
---|---|
2012-12-27 | Name : VMSA-2012-0018: VMware security updates for vCSA and ESXi File : nvt/gb_VMSA-2012-0018.nasl |
2012-12-18 | Name : Ubuntu Update for glibc USN-1589-2 File : nvt/gb_ubuntu_USN_1589_2.nasl |
2012-10-03 | Name : Ubuntu Update for eglibc USN-1589-1 File : nvt/gb_ubuntu_USN_1589_1.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2012-244-01 glibc File : nvt/esoft_slk_ssa_2012_244_01.nasl |
2012-08-31 | Name : VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries. File : nvt/gb_VMSA-2012-0013.nasl |
2012-08-30 | Name : Fedora Update for glibc FEDORA-2012-2123 File : nvt/gb_fedora_2012_2123_glibc_fc17.nasl |
2012-08-30 | Name : Fedora Update for glibc FEDORA-2012-11928 File : nvt/gb_fedora_2012_11928_glibc_fc16.nasl |
2012-08-30 | Name : Fedora Update for glibc FEDORA-2012-11927 File : nvt/gb_fedora_2012_11927_glibc_fc17.nasl |
2012-08-30 | Name : Fedora Update for glibc FEDORA-2012-11508 File : nvt/gb_fedora_2012_11508_glibc_fc17.nasl |
2012-08-28 | Name : RedHat Update for glibc RHSA-2012:1208-01 File : nvt/gb_RHSA-2012_1208-01_glibc.nasl |
2012-08-28 | Name : RedHat Update for glibc RHSA-2012:1207-01 File : nvt/gb_RHSA-2012_1207-01_glibc.nasl |
2012-08-28 | Name : CentOS Update for glibc CESA-2012:1208 centos6 File : nvt/gb_CESA-2012_1208_glibc_centos6.nasl |
2012-08-28 | Name : CentOS Update for glibc CESA-2012:1207 centos5 File : nvt/gb_CESA-2012_1207_glibc_centos5.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:1098 centos6 File : nvt/gb_CESA-2012_1098_glibc_centos6.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:1097 centos5 File : nvt/gb_CESA-2012_1097_glibc_centos5.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:0397 centos5 File : nvt/gb_CESA-2012_0397_glibc_centos5.nasl |
2012-07-30 | Name : CentOS Update for glibc CESA-2012:0393 centos6 File : nvt/gb_CESA-2012_0393_glibc_centos6.nasl |
2012-07-19 | Name : RedHat Update for glibc RHSA-2012:1098-01 File : nvt/gb_RHSA-2012_1098-01_glibc.nasl |
2012-07-19 | Name : RedHat Update for glibc RHSA-2012:1097-01 File : nvt/gb_RHSA-2012_1097-01_glibc.nasl |
2012-07-09 | Name : RedHat Update for glibc RHSA-2012:0393-01 File : nvt/gb_RHSA-2012_0393-01_glibc.nasl |
2012-04-02 | Name : Fedora Update for glibc FEDORA-2012-2162 File : nvt/gb_fedora_2012_2162_glibc_fc16.nasl |
2012-03-22 | Name : RedHat Update for glibc RHSA-2012:0397-01 File : nvt/gb_RHSA-2012_0397-01_glibc.nasl |
2012-03-12 | Name : Ubuntu Update for eglibc USN-1396-1 File : nvt/gb_ubuntu_USN_1396_1.nasl |
2012-03-09 | Name : Fedora Update for glibc FEDORA-2012-2144 File : nvt/gb_fedora_2012_2144_glibc_fc15.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-02-12 | IAVM : 2015-A-0038 - Multiple Vulnerabilities in GNU C Library (glibc) Severity : Category I - VMSKEY : V0058753 |
2014-09-18 | IAVM : 2014-B-0126 - Multiple Vulnerabilities in VMware ESXi 5.5 Severity : Category I - VMSKEY : V0054325 |
2012-09-13 | IAVM : 2012-A-0148 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity : Category I - VMSKEY : V0033794 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-02-29 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_VMSA-2012-0013_remote.nasl - Type : ACT_GATHER_INFO |
2015-12-30 | Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0008_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1488-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1667-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-0858-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1251-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2013-1287-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1122-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1128-1.nasl - Type : ACT_GATHER_INFO |
2015-04-06 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL16364.nasl - Type : ACT_GATHER_INFO |
2015-03-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-168.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-165.nasl - Type : ACT_GATHER_INFO |
2015-03-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201503-04.nasl - Type : ACT_GATHER_INFO |
2015-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3169.nasl - Type : ACT_GATHER_INFO |
2015-02-02 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0024.nasl - Type : ACT_GATHER_INFO |
2015-02-02 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0023.nasl - Type : ACT_GATHER_INFO |
2014-12-15 | Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_2323231_remote.nasl - Type : ACT_GATHER_INFO |
2014-12-12 | Name : The remote VMware ESXi 5.1 host is affected by multiple vulnerabilities. File : vmware_esxi_5_1_build_2323236_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2014-0017.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0488.nasl - Type : ACT_GATHER_INFO |
2014-11-12 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1605.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1325.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1262.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1200.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1185.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0531.nasl - Type : ACT_GATHER_INFO |
2014-10-09 | Name : The remote VMware ESXi 5.5 host is affected by multiple vulnerabilities. File : vmware_esxi_5_5_build_2068190_remote.nasl - Type : ACT_GATHER_INFO |
2014-09-11 | Name : The remote VMware ESXi host is missing a security-related patch. File : vmware_VMSA-2014-0008.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-723.nasl - Type : ACT_GATHER_INFO |
2013-12-23 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-270.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-130913.nasl - Type : ACT_GATHER_INFO |
2013-12-10 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-130917.nasl - Type : ACT_GATHER_INFO |
2013-12-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20131121_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-01.nasl - Type : ACT_GATHER_INFO |
2013-11-27 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1605.nasl - Type : ACT_GATHER_INFO |
2013-11-26 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-283.nasl - Type : ACT_GATHER_INFO |
2013-11-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1605.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_1_build_1063671_remote.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities. File : vmware_esxi_5_0_build_912577_remote.nasl - Type : ACT_GATHER_INFO |
2013-10-22 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1991-1.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-109.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-120.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-57.nasl - Type : ACT_GATHER_INFO |
2013-08-22 | Name : The remote Fedora host is missing a security update. File : fedora_2013-15053.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1208.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0769.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1207.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1098.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1097.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0397.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
2013-06-05 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-8579.nasl - Type : ACT_GATHER_INFO |
2013-06-02 | Name : The remote Fedora host is missing a security update. File : fedora_2013-4174.nasl - Type : ACT_GATHER_INFO |
2013-05-08 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-163.nasl - Type : ACT_GATHER_INFO |
2013-04-26 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130424_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2013-04-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0769.nasl - Type : ACT_GATHER_INFO |
2013-04-25 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0769.nasl - Type : ACT_GATHER_INFO |
2013-04-01 | Name : The remote Fedora host is missing a security update. File : fedora_2013-4100.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_glibc-121129.nasl - Type : ACT_GATHER_INFO |
2012-12-24 | Name : The remote VMware ESXi host is missing one or more security-related patches. File : vmware_VMSA-2012-0018.nasl - Type : ACT_GATHER_INFO |
2012-12-18 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1589-2.nasl - Type : ACT_GATHER_INFO |
2012-11-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_glibc-8351.nasl - Type : ACT_GATHER_INFO |
2012-10-02 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1589-1.nasl - Type : ACT_GATHER_INFO |
2012-09-18 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11963.nasl - Type : ACT_GATHER_INFO |
2012-09-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-244-01.nasl - Type : ACT_GATHER_INFO |
2012-08-31 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2012-0013.nasl - Type : ACT_GATHER_INFO |
2012-08-30 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1208.nasl - Type : ACT_GATHER_INFO |
2012-08-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1207.nasl - Type : ACT_GATHER_INFO |
2012-08-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1207.nasl - Type : ACT_GATHER_INFO |
2012-08-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1208.nasl - Type : ACT_GATHER_INFO |
2012-08-28 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120827_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-28 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11928.nasl - Type : ACT_GATHER_INFO |
2012-08-28 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120827_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11927.nasl - Type : ACT_GATHER_INFO |
2012-08-16 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11508.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120319_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120718_glibc_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120718_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120315_glibc_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-07-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1098.nasl - Type : ACT_GATHER_INFO |
2012-07-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1098.nasl - Type : ACT_GATHER_INFO |
2012-07-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1097.nasl - Type : ACT_GATHER_INFO |
2012-07-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1097.nasl - Type : ACT_GATHER_INFO |
2012-03-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0397.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0397.nasl - Type : ACT_GATHER_INFO |
2012-03-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0393.nasl - Type : ACT_GATHER_INFO |
2012-03-12 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1396-1.nasl - Type : ACT_GATHER_INFO |
2012-03-08 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2144.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2123.nasl - Type : ACT_GATHER_INFO |
2012-02-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2162.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-10 21:28:00 |
|
2013-05-09 13:18:36 |
|